A simple security wrapper for Claude CLI that automatically blocks dangerous commands.
npm install -g claude-guard
claude-guard "help me debug this code" # Same as claude, but saferInstead of Claude running rm -rf / or reading your SSH keys, Claude Guard automatically blocks dangerous operations while allowing normal development tasks.
- Basic safety: Prevents
rm -rf /, credential theft, obvious disasters - Development teams: Simple pattern-based blocking without complex setup
- Drop-in replacement: Use
claude-guardexactly likeclaude - Zero configuration: Works out of the box with sensible defaults
- Enterprise security: This is not enterprise-grade protection
- Determined attackers: Basic pattern matching, not AI security analysis
- Compliance: No central management, audit trails, or enterprise features
- Perfect security: Can be bypassed by someone who really wants to
Perfect for: Small teams wanting basic safety rails
Not suitable for: Enterprise security requirements
| Tool | Approach | Best for |
|---|---|---|
claude |
No protection | Trusted environments |
claude-guard |
Basic pattern blocking | Development teams |
| Enterprise tools | Full security suite | Regulated industries |
# 1. Install Claude CLI first
npm install -g @anthropic-ai/claude-code
# 2. Install Claude Guard
npm install -g claude-guard
# 3. Use it exactly like claude
claude-guard "explain this error"claude-guard @test # Runs "run all tests in this project"
claude-guard @build # Runs "build the project for production"
claude-guard @deploy # Runs "deploy to production server"claude-guard --audit-tail # Show last 10 commands
claude-guard --verify-integrity # Check for tamperingclaude-guard --config-init # Create config file
claude-guard --list-aliases # Show all aliasesClaude Guard now supports Claude's native settings.json format! Use your existing .claude/settings.json files directly:
{
"permissions": {
"allow": ["Bash(git *)", "Bash(npm *)", "Read(*)", "Edit(*)"],
"deny": ["Bash(rm -rf /*)", "Bash(sudo rm -rf /*)"]
}
}Benefits:
- Standards Compliance: Uses Claude's official settings format
- Layered Security: Claude rules + additional guard patterns
- Easy Migration: Existing
.claude/settings.jsonfiles work immediately - Backwards Compatible: Guard-only mode preserved
Enable in ~/.claude/guard/config.json:
{
"policies": {
"useClaudeSettings": true,
"claudeSettingsFirst": true
}
}For comprehensive configuration, check out claude-settings which provides 900+ curated development tool patterns.
- Development tools: npm, yarn, pip, cargo, go build
- Version control: git commands, git operations
- Containers: docker run, docker build, docker-compose
- File operations: reading files, listing directories
- Safe utilities: curl, wget (to known safe domains)
- System destruction:
rm -rf /,sudo rm,mkfs,format - Credential access: Reading
/etc/passwd, SSH keys, environment secrets - Network attacks: Port scanning, suspicious downloads
- Privilege escalation: Unauthorized sudo, system modifications
- Package installs: npm/pip/gem installs (warns but allows)
- Git repository operations: In repository root (warns about destructive commands)
- System tools: Some system utilities that could be misused
# Analyze code (same as Claude CLI)
claude-guard "explain this function"
# Debug assistance
claude-guard "help me fix this error: TypeError: Cannot read property"
# Code generation
claude-guard "create a REST API endpoint for user authentication"claude-guard @test # Runs "run all tests in this project"
claude-guard @lint # Runs "check code quality and style issues"
claude-guard @build # Runs "build the project for production"
claude-guard @deploy # Runs "deploy to production server"# View recent command history
claude-guard --audit-tail
# Search for specific commands
claude-guard --audit-search "npm"
# Verify file integrity
claude-guard --verify-integrity
# View help and options
claude-guard --helpCreate ~/.claude/guard/config.json for custom patterns:
{
"version": "2.0",
"policies": {
"blockedPaths": ["/etc/**", "/System/**", "/usr/**"],
"blockedCommands": ["rm -rf /", "sudo *", "dd if=*", "mkfs*"],
"warnCommands": ["npm install", "pip install", "gem install"]
},
"audit": {
"enabled": true,
"maxDays": 30
},
"aliases": {
"@test": "run all tests in this project",
"@lint": "check code quality and style issues",
"@build": "build the project for production",
"@deploy": "deploy to production server",
"@docs": "generate documentation for this project"
}
}claude-guard --help # Show help information
claude-guard --version # Show version number
claude-guard --config # Show config file location
claude-guard --config-init # Create example config file
claude-guard --list-aliases # Show all configured aliases
claude-guard --audit-tail # Show last 10 audit entries
claude-guard --audit-search TERM # Search audit logs
claude-guard --verify-integrity # Check file integrity- Not enterprise-grade: This is a basic pattern-based security tool
- No central management: Configuration is local to each machine
- Requires Claude CLI: Must install
@anthropic-ai/claude-codeseparately - Community support: Use GitHub issues for questions and bug reports
This tool is a community-built security wrapper for Claude CLI by Anthropic.
- Claude CLI: ยฉ Anthropic PBC - The AI assistant this tool wraps
- Claude Guard Community: MIT License (wrapper functionality only)
Claude Guard is an independent community project and is not affiliated with, endorsed by, or sponsored by Anthropic PBC. Claude CLI must be installed separately from Anthropic.
MIT License - See LICENSE file for details.